top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

MongoDB On-Premise to AWS migration?

+1 vote
592 views

We are planning to migrate MongoDB from On-premise to AWS. But we are restricted not to use cloud manager . With the port is enabled,I want to change the 3 member replica set on-premise to 5 member replica set (3 on premise and 2 on AWS).

Can you please tell me if I can sync the data between on-premise to AWS using SSL but I should not be using SSL for On-premise replica set and only for AWS 2 replica sets the sync needs to happen using SSL.

posted Aug 9, 2016 by anonymous

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button

1 Answer

0 votes

Having a mixed SSL settings in the same replica set is possible (although generally not recommended for a production deployment), however, it is important to understand the security implications of such an environment.

sslMode has four options:

disabled: The server does not use TLS/SSL.
allowSSL: Connections between servers do not use TLS/SSL. For incoming connections, the server accepts both TLS/SSL and non-TLS/non-SSL.
preferSSL: Connections between servers use TLS/SSL. For incoming connections, the server accepts both TLS/SSL and non-TLS/non-SSL.
requireSSL: The server uses and accepts only TLS/SSL encrypted connections.
To sync data between on-premise to AWS using SSL, all your severs (on-premise and AWS) should have SSL set to preferSSL or requireSSL. In both cases, communications between nodes in the replica set will be encrypted using SSL. However, preferSSL accepts connection in non-SSL where requireSSL doesn’t. So the choice between the two depends on what level of security you would like to have for the client connections.

You could also mix preferSSL and requireSSL, the main difference being whether clients connecting to them requires SSL or not:

Nodes which have preferSSL can accept non-SSL connections.
Nodes which have requireSSL cannot accept non-SSL connections.
Regarding the upgrade path, to avoid any downtime, you could start by changing all servers to allowSSL, where the node would accept incoming connections, but communications between nodes in the replica set will not be encrypted using SSL. Once all your replica set to allowSSL you could start changing them one by one to be requireSSL and later on (if you choose) to requireSSL. This would ensure that at every stage your nodes can still communicate with each other. You can find details about how to upgrade to SSL in the Upgrade a Cluster to Use TLS/SSL page

As with any major changes to a deployment, please ensure that all data are backed up and all procedures thoroughly tested.

answer Sep 28, 2016 by Manikandan J
Similar Questions
+1 vote

I use Ubuntu if that matters. I install Mongo like I would on any Linux server, make sure to open certain ports through security groups, etc. Are there any best practices or perhaps specific EC2 support for Mongo I can leverage?

AFAIK Amazon doesnt provide RDS-like managed Mongo instances.

+2 votes

Would anyone here be willing to walk me through setting this stuff up on Amazon Web Services?

I need to run MongoDB on an EC2 instance and connect to an EMR Hadoop cluster for a project, but I have never used any of this stuff (Mongo/Hadoop/the connector/AWS) before so its a bit overwhelming. I have downloaded the connector from Github so far.

I believe I need to run "gradlew jar" to build the jars (not really sure what those do either), but after that I am a bit lost. Have been searching for about a week now, but I cant find a good step-by-step process for this.

Please help..

+1 vote

I have transferred a wordpress website on AWS (EC2 and RDS-Mysql servers). The DNS has been setup in Route53.

The wordpress files has been located under directory:

/var/www/html

And the mysql database is imported on RDS. The home page looks fine but when I click on the other pages, it gives "404 not found" error. I have modified /etc/httpd/conf/httpd.conf file to allow WordPress to use permalinks:

<Directory "/var/www/html">
AllowOverride All 

I have also checked the size of transferred files and they look as same as the main files.

Any help would be appreciated.

+1 vote

I would like to know if it is possible to deploy a Ruby on Rails App to the Amazon AWS cloud, and if it is, which is the best way? Is there an updated tutorial to do so?

...